Legal claims defining the scope of protection, as filed with the USPTO.
2. The method of claim 1, further comprising in step f), transmitting, by the radio in the wireless device and to the network, the device ephemeral public key, the first ciphertext, and the device static public key.
3. The method of claim 1, further comprising in step e), encrypting, by the SoC, at least the device identity and data from a sensor in the wireless device with the first symmetric ciphering key to generate the first ciphertext, wherein an application in the network processes the data to generate the plaintext response comprising an instruction for an actuator in the wireless device.
4. The method of claim 1, wherein the first ECDH key exchange comprises (i) a first point multiplication of the device static private key with the network public key, and (ii) a second point multiplication of the device ephemeral private key with the network public key.
5. The method of claim 1, further comprising in step c), deriving, by the SoC, the first symmetric ciphering key from a first shared secret and a secure hash algorithm, wherein the first ECDH key exchange generates the first shared secret, and wherein the first shared secret comprises a value X3, the first symmetric ciphering key comprises a value K1, and the network public key comprises a value Sn.
6. The method of claim 1, wherein the second ECDH key exchange comprises (i) a first point multiplication of the device static private key with the server public key, and (ii) a second point multiplication of the device ephemeral private key with the server public key.
7. The method of claim 1, further comprising in step d), deriving, by the SoC, the second symmetric ciphering key from a second shared secret and a secure hash algorithm, wherein the second ECDH key exchange generates the second shared secret, and wherein the second shared secret comprises a value X4, the second symmetric ciphering key comprises a value K2, and the server public key comprises one of values Ss and Es.
8. The method of claim 1, wherein the SoC includes a secure enclave comprising a dedicated processing core for performing steps b), c), d), e), h), and i).
9. The method of claim 1, further comprising in step f), transmitting, by the radio in the wireless device and to the network, the device ephemeral public key, an obfuscated device identity, and the first ciphertext, wherein the obfuscated device identity (i) periodically changes over time and (ii) is uniquely associated with the wireless device.
10. The method of claim 1, wherein an algorithm for the first ECDH key exchange is stored in a random access memory.
12. The method of claim 11, further comprising in step b), receiving, from the wireless device and by the radio in the network, the device ephemeral public key, the first ciphertext, and the device static public key, wherein the device ephemeral public key and the device static public key supports an elliptic curve comprising one of curves p-256, 25519, and 448.
13. The method of claim 11, further comprising in step e), decrypting, by the processor, the first ciphertext with the first symmetric ciphering key in order to read at least (i) the device identity and (ii) data from a sensor in the wireless device, wherein an application in the network selects the plaintext response using the device identity and the data from the sensor.
14. The method of claim 11, wherein the first ECDH key exchange comprises (i) a first point multiplication of the device static public key with the network private key, and (ii) a second point multiplication of the device ephemeral public key with the network private key.
15. The method of claim 11, further comprising in step c), deriving the first symmetric ciphering key from a first shared secret and a secure hash algorithm, wherein the first ECDH key exchange generates the first shared secret, and wherein the first shared secret comprises a value X3, the first symmetric ciphering key comprises a value K1, and the network private key comprises a value sn.
16. The method of claim 11, wherein the second ECDH key exchange comprises (i) a first point multiplication of the device static public key with the server private key, and (ii) a second point multiplication of the device ephemeral public key with the server private key.
17. The method of claim 11, further comprising in step d), deriving, by the processor, the second symmetric ciphering key from a second shared secret and a secure hash algorithm, wherein the second ECDH key exchange generates the second shared secret, and wherein the second shared secret comprises a value X4, the second symmetric ciphering key comprises a value K2, and the server private key comprises one of values ss and es.
18. The method of claim 11, wherein the network comprises the first server to store the network private key and the second server to store the server private key, and wherein the first server and second server communicate over a private network using a secure session.
19. The method of claim 11, further comprising in step b), receiving, from the wireless device and by the radio for the network, the device ephemeral public key, an obfuscated device identity, and the first ciphertext, wherein the obfuscated device identity (i) periodically changes over time and (ii) is uniquely associated with the wireless device.
20. The method of claim 11, wherein steps e), f), and g) use an Advanced Encryption Standard (AES) with a Galois/Counter mode (GCM).
22. The network of claim 21, wherein the multiprocessor system comprises a plurality of processors distributed within the network.
23. The network of claim 21, further comprising the radio to a) receive from the wireless device, the device ephemeral public key, the first ciphertext, and the device static public key, wherein the device ephemeral public key and the device static public key support an elliptic curve comprising one of curves p-256, 25519, and 448.
24. The network of claim 21, further comprising the multiprocessor system to a) decrypt the first ciphertext with the first symmetric ciphering key in order to read at least (i) the device identity and (ii) data from a sensor in the wireless device, wherein an application in the network selects the plaintext response using the device identity and the data from the sensor.
25. The network of claim 21, wherein the first ECDH key exchange comprises (i) a first point multiplication of the device static public key with the network private key, and (ii) a second point multiplication of the device ephemeral public key with the network private key.
26. The network of claim 21, further comprising the memory storing the computer executable instructions to a) derive the first symmetric ciphering key from a first shared secret and a secure hash algorithm, wherein the first ECDH key exchange generates the first shared secret, and wherein the first shared secret comprises a value X3, the first symmetric ciphering key comprises a value K1, and the network private key comprises a value sn.
27. The network of claim 21, wherein the second ECDH key exchange comprises (i) a first point multiplication of the device static public key with the server private key, and (ii) a second point multiplication of the device ephemeral public key with the server private key.
28. The network of claim 21, further comprising the memory storing the computer executable instructions to b) derive the second symmetric ciphering key from a second shared secret and a secure hash algorithm, wherein the second ECDH key exchange generates the second shared secret, and wherein the second shared secret comprises a value X4, the second symmetric ciphering key comprises a value K2, and the server private key comprises one of values ss and es.
29. The network of claim 21, further comprising the radio to a) receive from the wireless device, the device ephemeral public key, an obfuscated device identity, and the first ciphertext, wherein the obfuscated device identity (i) periodically changes over time and (ii) is uniquely associated with the wireless device.
30. The network of claim 21, wherein the radio transmits and receives data with the wireless device using Low Power Wide Area (LPWA) technology.
Unknown
September 6, 2022
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.